Example #1
        /// <summary>
        /// Checks that <c>Remote.Authenticate</c> returns <c>TestData.Key</c> when called with
        /// the test passphrase and a web client set up from the "auth-info-response" fixture.
        /// </summary>
        public void Authenticate_returns_key()
        {
            var client = SetupWebClientForGetWithFixture("auth-info-response");

            // Run the call first so the assertion below reads as a plain value comparison.
            var key = Remote.Authenticate(Token, TestData.Passphrase, client.Object);

            Assert.That(key, Is.EqualTo(TestData.Key));
        }
Example #2
        /// <summary>
        /// Checks that a wrong passphrase makes <c>Remote.Authenticate</c> throw a
        /// <c>FetchException</c> whose <c>Reason</c> is <c>InvalidPassphrase</c> and whose
        /// message is "Passphrase is incorrect".
        /// </summary>
        public void Authenticate_throws_on_incorrect_passphrase()
        {
            const string wrongPassphrase = "Not really a passphrase";
            var client = SetupWebClientForGetWithFixture("auth-info-response");

            // The failure must be distinguishable from other fetch errors, so the type,
            // the reason code and the message are all pinned.
            var expectedFailure = Throws
                .TypeOf<FetchException>()
                .And.Property("Reason").EqualTo(FetchException.FailureReason.InvalidPassphrase)
                .And.Message.EqualTo("Passphrase is incorrect");

            Assert.That(
                () => Remote.Authenticate(Token, wrongPassphrase, client.Object),
                expectedFailure);
        }
Example #3
        /// <summary>
        /// Runs one login attempt: lockout check, then the local user store, then the remote
        /// authentication service. A failed attempt is recorded only when every step fails.
        /// </summary>
        /// <param name="username">Login name; used as the e-mail address for the local lookup and passed to the remote check.</param>
        /// <param name="password">Password as supplied by the caller; verified against the stored hash and passed to the remote check.</param>
        /// <param name="adminUserID">Set to the local user's ID on a local success; <c>null</c> in every other outcome.</param>
        /// <returns>
        /// <c>LockedOut</c>, <c>LocalSuccess</c>, <c>ImagemakersSuccess</c> or <c>Unauthorized</c>,
        /// depending on which step decided the attempt.
        /// </returns>
        private AuthenticationResponse AttemptLogin(string username, string password, out int? adminUserID)
        {
            // NOTE(review): username and password are not null-checked in this method;
            // confirm the caller validates them before they reach the hash check.
            adminUserID = null;

            // The lockout gate runs first, so no credential check happens for a
            // username/IP pair that is currently locked out.
            if (_attemptRepo.TestLockout(username, UserIP))
            {
                return AuthenticationResponse.LockedOut;
            }

            // Local database next. The hash is only verified when an account was found.
            var localAccount = _repo.FindByEmailAddress(username);

            if (localAccount != null && Crypto.VerifyHashedPassword(localAccount.Password, password))
            {
                adminUserID = localAccount.ID;
                return AuthenticationResponse.LocalSuccess;
            }

            // Remote authentication is tried whenever the local step did not succeed,
            // including when a local account exists but its password did not match.
            // NOTE(review): confirm that forwarding the same credentials in that case is intended.
            var remoteResult = Remote.Authenticate(username, password, UserIP);

            if (remoteResult == RemoteAuthenicationResponse.Valid)
            {
                return AuthenticationResponse.ImagemakersSuccess;
            }

            // Every path failed: persist the failed attempt so the lockout check can see it.
            // NOTE(review): nothing here clears earlier failed attempts after a success;
            // presumably TestLockout applies its own time window. Verify against the repository.
            _attemptRepo.Add(username, UserIP);
            _uow.Commit();

            return AuthenticationResponse.Unauthorized;
        }